2099 lines
69 KiB
C
2099 lines
69 KiB
C
/*
|
|
* Internet Security and Zone Manager
|
|
*
|
|
* Copyright (c) 2004 Huw D M Davies
|
|
* Copyright 2004 Jacek Caban
|
|
* Copyright 2009 Detlef Riekenberg
|
|
* Copyright 2011 Thomas Mullaly for CodeWeavers
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
|
*/
|
|
|
|
#include <stdio.h>
|
|
|
|
#include "urlmon_main.h"
|
|
#include "winreg.h"
|
|
#include "wininet.h"
|
|
|
|
#define NO_SHLWAPI_REG
|
|
#include "shlwapi.h"
|
|
|
|
#include "wine/debug.h"
|
|
|
|
WINE_DEFAULT_DEBUG_CHANNEL(urlmon);
|
|
|
|
static const WCHAR currentlevelW[] = {'C','u','r','r','e','n','t','L','e','v','e','l',0};
|
|
static const WCHAR descriptionW[] = {'D','e','s','c','r','i','p','t','i','o','n',0};
|
|
static const WCHAR displaynameW[] = {'D','i','s','p','l','a','y','N','a','m','e',0};
|
|
static const WCHAR fileW[] = {'f','i','l','e',0};
|
|
static const WCHAR flagsW[] = {'F','l','a','g','s',0};
|
|
static const WCHAR iconW[] = {'I','c','o','n',0};
|
|
static const WCHAR minlevelW[] = {'M','i','n','L','e','v','e','l',0};
|
|
static const WCHAR recommendedlevelW[] = {'R','e','c','o','m','m','e','n','d','e','d',
|
|
'L','e','v','e','l',0};
|
|
static const WCHAR wszZonesKey[] = {'S','o','f','t','w','a','r','e','\\',
|
|
'M','i','c','r','o','s','o','f','t','\\',
|
|
'W','i','n','d','o','w','s','\\',
|
|
'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
|
|
'I','n','t','e','r','n','e','t',' ','S','e','t','t','i','n','g','s','\\',
|
|
'Z','o','n','e','s','\\',0};
|
|
static const WCHAR zone_map_keyW[] = {'S','o','f','t','w','a','r','e','\\',
|
|
'M','i','c','r','o','s','o','f','t','\\',
|
|
'W','i','n','d','o','w','s','\\',
|
|
'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
|
|
'I','n','t','e','r','n','e','t',' ','S','e','t','t','i','n','g','s','\\',
|
|
'Z','o','n','e','M','a','p',0};
|
|
static const WCHAR wszZoneMapDomainsKey[] = {'S','o','f','t','w','a','r','e','\\',
|
|
'M','i','c','r','o','s','o','f','t','\\',
|
|
'W','i','n','d','o','w','s','\\',
|
|
'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
|
|
'I','n','t','e','r','n','e','t',' ','S','e','t','t','i','n','g','s','\\',
|
|
'Z','o','n','e','M','a','p','\\',
|
|
'D','o','m','a','i','n','s',0};
|
|
|
|
static inline BOOL is_drive_path(const WCHAR *path)
|
|
{
|
|
return iswalpha(*path) && *(path+1) == ':';
|
|
}
|
|
|
|
/* List of schemes types Windows seems to expect to be hierarchical. */
|
|
static inline BOOL is_hierarchical_scheme(URL_SCHEME type) {
|
|
return(type == URL_SCHEME_HTTP || type == URL_SCHEME_FTP ||
|
|
type == URL_SCHEME_GOPHER || type == URL_SCHEME_NNTP ||
|
|
type == URL_SCHEME_TELNET || type == URL_SCHEME_WAIS ||
|
|
type == URL_SCHEME_FILE || type == URL_SCHEME_HTTPS ||
|
|
type == URL_SCHEME_RES);
|
|
}
|
|
|
|
/********************************************************************
|
|
* get_string_from_reg [internal]
|
|
*
|
|
* helper to get a string from the reg.
|
|
*
|
|
*/
|
|
static void get_string_from_reg(HKEY hcu, HKEY hklm, LPCWSTR name, LPWSTR out, DWORD maxlen)
|
|
{
|
|
DWORD type = REG_SZ;
|
|
DWORD len = maxlen * sizeof(WCHAR);
|
|
DWORD res;
|
|
|
|
res = RegQueryValueExW(hcu, name, NULL, &type, (LPBYTE) out, &len);
|
|
|
|
if (res && hklm) {
|
|
len = maxlen * sizeof(WCHAR);
|
|
type = REG_SZ;
|
|
res = RegQueryValueExW(hklm, name, NULL, &type, (LPBYTE) out, &len);
|
|
}
|
|
|
|
if (res) {
|
|
TRACE("%s failed: %d\n", debugstr_w(name), res);
|
|
*out = '\0';
|
|
}
|
|
}
|
|
|
|
/********************************************************************
|
|
* get_dword_from_reg [internal]
|
|
*
|
|
* helper to get a dword from the reg.
|
|
*
|
|
*/
|
|
static void get_dword_from_reg(HKEY hcu, HKEY hklm, LPCWSTR name, LPDWORD out)
|
|
{
|
|
DWORD type = REG_DWORD;
|
|
DWORD len = sizeof(DWORD);
|
|
DWORD res;
|
|
|
|
res = RegQueryValueExW(hcu, name, NULL, &type, (LPBYTE) out, &len);
|
|
|
|
if (res && hklm) {
|
|
len = sizeof(DWORD);
|
|
type = REG_DWORD;
|
|
res = RegQueryValueExW(hklm, name, NULL, &type, (LPBYTE) out, &len);
|
|
}
|
|
|
|
if (res) {
|
|
TRACE("%s failed: %d\n", debugstr_w(name), res);
|
|
*out = 0;
|
|
}
|
|
}
|
|
|
|
static HRESULT get_zone_from_reg(LPCWSTR schema, DWORD *zone)
|
|
{
|
|
DWORD res, size;
|
|
HKEY hkey;
|
|
|
|
static const WCHAR wszZoneMapProtocolKey[] =
|
|
{'S','o','f','t','w','a','r','e','\\',
|
|
'M','i','c','r','o','s','o','f','t','\\',
|
|
'W','i','n','d','o','w','s','\\',
|
|
'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
|
|
'I','n','t','e','r','n','e','t',' ','S','e','t','t','i','n','g','s','\\',
|
|
'Z','o','n','e','M','a','p','\\',
|
|
'P','r','o','t','o','c','o','l','D','e','f','a','u','l','t','s',0};
|
|
|
|
res = RegOpenKeyW(HKEY_CURRENT_USER, wszZoneMapProtocolKey, &hkey);
|
|
if(res != ERROR_SUCCESS) {
|
|
ERR("Could not open key %s\n", debugstr_w(wszZoneMapProtocolKey));
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
size = sizeof(DWORD);
|
|
res = RegQueryValueExW(hkey, schema, NULL, NULL, (PBYTE)zone, &size);
|
|
RegCloseKey(hkey);
|
|
if(res == ERROR_SUCCESS)
|
|
return S_OK;
|
|
|
|
res = RegOpenKeyW(HKEY_LOCAL_MACHINE, wszZoneMapProtocolKey, &hkey);
|
|
if(res != ERROR_SUCCESS) {
|
|
ERR("Could not open key %s\n", debugstr_w(wszZoneMapProtocolKey));
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
size = sizeof(DWORD);
|
|
res = RegQueryValueExW(hkey, schema, NULL, NULL, (PBYTE)zone, &size);
|
|
RegCloseKey(hkey);
|
|
if(res == ERROR_SUCCESS)
|
|
return S_OK;
|
|
|
|
*zone = 3;
|
|
return S_OK;
|
|
}
|
|
|
|
/********************************************************************
|
|
* matches_domain_pattern [internal]
|
|
*
|
|
* Checks if the given string matches the specified domain pattern.
|
|
*
|
|
* This function looks for explicit wildcard domain components iff
|
|
* they appear at the very beginning of the 'pattern' string
|
|
*
|
|
* pattern = "*.google.com"
|
|
*/
|
|
static BOOL matches_domain_pattern(LPCWSTR pattern, LPCWSTR str, BOOL implicit_wildcard, LPCWSTR *matched)
|
|
{
|
|
BOOL matches = FALSE;
|
|
DWORD pattern_len = lstrlenW(pattern);
|
|
DWORD str_len = lstrlenW(str);
|
|
|
|
TRACE("(%d) Checking if %s matches %s\n", implicit_wildcard, debugstr_w(str), debugstr_w(pattern));
|
|
|
|
*matched = NULL;
|
|
if(str_len >= pattern_len) {
|
|
/* Check if there's an explicit wildcard in the pattern. */
|
|
if(pattern[0] == '*' && pattern[1] == '.') {
|
|
/* Make sure that 'str' matches the wildcard pattern.
|
|
*
|
|
* Example:
|
|
* pattern = "*.google.com"
|
|
*
|
|
* So in this case 'str' would have to end with ".google.com" in order
|
|
* to map to this pattern.
|
|
*/
|
|
if(str_len >= pattern_len+1 && !wcsicmp(str+(str_len-pattern_len+1), pattern+1)) {
|
|
/* Check if there's another '.' inside of the "unmatched" portion
|
|
* of 'str'.
|
|
*
|
|
* Example:
|
|
* pattern = "*.google.com"
|
|
* str = "test.testing.google.com"
|
|
*
|
|
* The currently matched portion is ".google.com" in 'str', we need
|
|
* see if there's a '.' inside of the unmatched portion ("test.testing"), because
|
|
* if there is and 'implicit_wildcard' isn't set, then this isn't
|
|
* a match.
|
|
*/
|
|
const WCHAR *ptr;
|
|
for (ptr = str + str_len - pattern_len; ptr > str; ptr--) if (ptr[-1] == '.') break;
|
|
if (ptr == str || implicit_wildcard) {
|
|
matches = TRUE;
|
|
*matched = ptr;
|
|
}
|
|
}
|
|
} else if(implicit_wildcard && str_len > pattern_len) {
|
|
/* When the pattern has an implicit wildcard component, it means
|
|
* that anything goes in 'str' as long as it ends with the pattern
|
|
* and that the beginning of the match has a '.' before it.
|
|
*
|
|
* Example:
|
|
* pattern = "google.com"
|
|
* str = "www.google.com"
|
|
*
|
|
* Implicitly matches the pattern, where as:
|
|
*
|
|
* pattern = "google.com"
|
|
* str = "wwwgoogle.com"
|
|
*
|
|
* Doesn't match the pattern.
|
|
*/
|
|
if(str[str_len-pattern_len-1] == '.' && !wcsicmp(str+(str_len-pattern_len), pattern)) {
|
|
matches = TRUE;
|
|
*matched = str+(str_len-pattern_len);
|
|
}
|
|
} else {
|
|
/* The pattern doesn't have an implicit wildcard, or an explicit wildcard,
|
|
* so 'str' has to be an exact match to the 'pattern'.
|
|
*/
|
|
if(!wcsicmp(str, pattern)) {
|
|
matches = TRUE;
|
|
*matched = str;
|
|
}
|
|
}
|
|
}
|
|
|
|
if(matches)
|
|
TRACE("Found a match: matched=%s\n", debugstr_w(*matched));
|
|
else
|
|
TRACE("No match found\n");
|
|
|
|
return matches;
|
|
}
|
|
|
|
static BOOL get_zone_for_scheme(HKEY key, LPCWSTR schema, DWORD *zone)
|
|
{
|
|
static const WCHAR wildcardW[] = {'*',0};
|
|
|
|
DWORD res;
|
|
DWORD size = sizeof(DWORD);
|
|
DWORD type;
|
|
|
|
/* See if the key contains a value for the scheme first. */
|
|
res = RegQueryValueExW(key, schema, NULL, &type, (BYTE*)zone, &size);
|
|
if(res == ERROR_SUCCESS) {
|
|
if(type == REG_DWORD)
|
|
return TRUE;
|
|
WARN("Unexpected value type %d for value %s, expected REG_DWORD\n", type, debugstr_w(schema));
|
|
}
|
|
|
|
/* Try to get the zone for the wildcard scheme. */
|
|
size = sizeof(DWORD);
|
|
res = RegQueryValueExW(key, wildcardW, NULL, &type, (BYTE*)zone, &size);
|
|
if(res != ERROR_SUCCESS)
|
|
return FALSE;
|
|
|
|
if(type != REG_DWORD) {
|
|
WARN("Unexpected value type %d for value %s, expected REG_DWORD\n", type, debugstr_w(wildcardW));
|
|
return FALSE;
|
|
}
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
/********************************************************************
|
|
* search_domain_for_zone [internal]
|
|
*
|
|
* Searches the specified 'domain' registry key to see if 'host' maps into it, or any
|
|
* of its subdomain registry keys.
|
|
*
|
|
* Returns S_OK if a match is found, S_FALSE if no matches were found, or an error code.
|
|
*/
|
|
static HRESULT search_domain_for_zone(HKEY domains, LPCWSTR domain, DWORD domain_len, LPCWSTR schema,
|
|
LPCWSTR host, DWORD host_len, DWORD *zone)
|
|
{
|
|
BOOL found = FALSE;
|
|
HKEY domain_key;
|
|
DWORD res;
|
|
LPCWSTR matched;
|
|
|
|
if(host_len >= domain_len && matches_domain_pattern(domain, host, TRUE, &matched)) {
|
|
res = RegOpenKeyW(domains, domain, &domain_key);
|
|
if(res != ERROR_SUCCESS) {
|
|
ERR("Failed to open domain key %s: %d\n", debugstr_w(domain), res);
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
if(matched == host)
|
|
found = get_zone_for_scheme(domain_key, schema, zone);
|
|
else {
|
|
INT domain_offset;
|
|
DWORD subdomain_count, subdomain_len;
|
|
BOOL check_domain = TRUE;
|
|
|
|
find_domain_name(domain, domain_len, &domain_offset);
|
|
|
|
res = RegQueryInfoKeyW(domain_key, NULL, NULL, NULL, &subdomain_count, &subdomain_len,
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
if(res != ERROR_SUCCESS) {
|
|
ERR("Unable to query info for key %s: %d\n", debugstr_w(domain), res);
|
|
RegCloseKey(domain_key);
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
if(subdomain_count) {
|
|
WCHAR *subdomain;
|
|
WCHAR *component;
|
|
DWORD i;
|
|
|
|
subdomain = heap_alloc((subdomain_len+1)*sizeof(WCHAR));
|
|
if(!subdomain) {
|
|
RegCloseKey(domain_key);
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
component = heap_strndupW(host, matched-host-1);
|
|
if(!component) {
|
|
heap_free(subdomain);
|
|
RegCloseKey(domain_key);
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
for(i = 0; i < subdomain_count; ++i) {
|
|
DWORD len = subdomain_len+1;
|
|
const WCHAR *sub_matched;
|
|
|
|
res = RegEnumKeyExW(domain_key, i, subdomain, &len, NULL, NULL, NULL, NULL);
|
|
if(res != ERROR_SUCCESS) {
|
|
heap_free(component);
|
|
heap_free(subdomain);
|
|
RegCloseKey(domain_key);
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
if(matches_domain_pattern(subdomain, component, FALSE, &sub_matched)) {
|
|
HKEY subdomain_key;
|
|
|
|
res = RegOpenKeyW(domain_key, subdomain, &subdomain_key);
|
|
if(res != ERROR_SUCCESS) {
|
|
ERR("Unable to open subdomain key %s of %s: %d\n", debugstr_w(subdomain),
|
|
debugstr_w(domain), res);
|
|
heap_free(component);
|
|
heap_free(subdomain);
|
|
RegCloseKey(domain_key);
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
found = get_zone_for_scheme(subdomain_key, schema, zone);
|
|
check_domain = FALSE;
|
|
RegCloseKey(subdomain_key);
|
|
break;
|
|
}
|
|
}
|
|
heap_free(subdomain);
|
|
heap_free(component);
|
|
}
|
|
|
|
/* There's a chance that 'host' implicitly mapped into 'domain', in
|
|
* which case we check to see if 'domain' contains zone information.
|
|
*
|
|
* This can only happen if 'domain' is its own domain name.
|
|
* Example:
|
|
* "google.com" (domain name = "google.com")
|
|
*
|
|
* So if:
|
|
* host = "www.google.com"
|
|
*
|
|
* Then host would map directly into the "google.com" domain key.
|
|
*
|
|
* If 'domain' has more than just its domain name, or it does not
|
|
* have a domain name, then we don't perform the check. The reason
|
|
* for this is that these domains don't allow implicit mappings.
|
|
* Example:
|
|
* domain = "org" (has no domain name)
|
|
* host = "www.org"
|
|
*
|
|
* The mapping would only happen if the "org" key had an explicit subkey
|
|
* called "www".
|
|
*/
|
|
if(check_domain && !domain_offset && !wcschr(host, matched-host-1))
|
|
found = get_zone_for_scheme(domain_key, schema, zone);
|
|
}
|
|
RegCloseKey(domain_key);
|
|
}
|
|
|
|
return found ? S_OK : S_FALSE;
|
|
}
|
|
|
|
static HRESULT search_for_domain_mapping(HKEY domains, LPCWSTR schema, LPCWSTR host, DWORD host_len, DWORD *zone)
|
|
{
|
|
WCHAR *domain;
|
|
DWORD domain_count, domain_len, i;
|
|
DWORD res;
|
|
HRESULT hres = S_FALSE;
|
|
|
|
res = RegQueryInfoKeyW(domains, NULL, NULL, NULL, &domain_count, &domain_len,
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
if(res != ERROR_SUCCESS) {
|
|
WARN("Failed to retrieve information about key\n");
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
if(!domain_count)
|
|
return S_FALSE;
|
|
|
|
domain = heap_alloc((domain_len+1)*sizeof(WCHAR));
|
|
if(!domain)
|
|
return E_OUTOFMEMORY;
|
|
|
|
for(i = 0; i < domain_count; ++i) {
|
|
DWORD len = domain_len+1;
|
|
|
|
res = RegEnumKeyExW(domains, i, domain, &len, NULL, NULL, NULL, NULL);
|
|
if(res != ERROR_SUCCESS) {
|
|
heap_free(domain);
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
hres = search_domain_for_zone(domains, domain, len, schema, host, host_len, zone);
|
|
if(FAILED(hres) || hres == S_OK)
|
|
break;
|
|
}
|
|
|
|
heap_free(domain);
|
|
return hres;
|
|
}
|
|
|
|
static HRESULT get_zone_from_domains(IUri *uri, DWORD *zone)
|
|
{
|
|
HRESULT hres;
|
|
BSTR host, scheme;
|
|
DWORD res;
|
|
HKEY domains;
|
|
DWORD scheme_type;
|
|
|
|
hres = IUri_GetScheme(uri, &scheme_type);
|
|
if(FAILED(hres))
|
|
return hres;
|
|
|
|
/* Windows doesn't play nice with unknown scheme types when it tries
|
|
* to check if a host name maps into any domains.
|
|
*/
|
|
if(scheme_type == URL_SCHEME_UNKNOWN)
|
|
return S_FALSE;
|
|
|
|
hres = IUri_GetHost(uri, &host);
|
|
if(FAILED(hres))
|
|
return hres;
|
|
|
|
/* Known hierarchical scheme types must have a host. If they don't Windows
|
|
* assigns URLZONE_INVALID to the zone.
|
|
*/
|
|
if((scheme_type != URL_SCHEME_UNKNOWN && scheme_type != URL_SCHEME_FILE)
|
|
&& is_hierarchical_scheme(scheme_type) && !*host) {
|
|
*zone = URLZONE_INVALID;
|
|
|
|
SysFreeString(host);
|
|
|
|
/* The MapUrlToZone functions return S_OK when this condition occurs. */
|
|
return S_OK;
|
|
}
|
|
|
|
hres = IUri_GetSchemeName(uri, &scheme);
|
|
if(FAILED(hres)) {
|
|
SysFreeString(host);
|
|
return hres;
|
|
}
|
|
|
|
/* First try CURRENT_USER. */
|
|
res = RegOpenKeyW(HKEY_CURRENT_USER, wszZoneMapDomainsKey, &domains);
|
|
if(res == ERROR_SUCCESS) {
|
|
hres = search_for_domain_mapping(domains, scheme, host, SysStringLen(host), zone);
|
|
RegCloseKey(domains);
|
|
} else
|
|
WARN("Failed to open HKCU's %s key\n", debugstr_w(wszZoneMapDomainsKey));
|
|
|
|
/* If that doesn't work try LOCAL_MACHINE. */
|
|
if(hres == S_FALSE) {
|
|
res = RegOpenKeyW(HKEY_LOCAL_MACHINE, wszZoneMapDomainsKey, &domains);
|
|
if(res == ERROR_SUCCESS) {
|
|
hres = search_for_domain_mapping(domains, scheme, host, SysStringLen(host), zone);
|
|
RegCloseKey(domains);
|
|
} else
|
|
WARN("Failed to open HKLM's %s key\n", debugstr_w(wszZoneMapDomainsKey));
|
|
}
|
|
|
|
SysFreeString(host);
|
|
SysFreeString(scheme);
|
|
return hres;
|
|
}
|
|
|
|
static HRESULT map_security_uri_to_zone(IUri *uri, DWORD *zone)
|
|
{
|
|
HRESULT hres;
|
|
BSTR scheme;
|
|
|
|
*zone = URLZONE_INVALID;
|
|
|
|
hres = IUri_GetSchemeName(uri, &scheme);
|
|
if(FAILED(hres))
|
|
return hres;
|
|
|
|
if(!wcsicmp(scheme, fileW)) {
|
|
BSTR path;
|
|
WCHAR *ptr, *path_start, root[20];
|
|
|
|
hres = IUri_GetPath(uri, &path);
|
|
if(FAILED(hres)) {
|
|
SysFreeString(scheme);
|
|
return hres;
|
|
}
|
|
|
|
if(*path == '/' && is_drive_path(path+1))
|
|
path_start = path+1;
|
|
else
|
|
path_start = path;
|
|
|
|
if((ptr = wcschr(path_start, ':')) && ptr-path_start+1 < ARRAY_SIZE(root)) {
|
|
UINT type;
|
|
|
|
memcpy(root, path_start, (ptr-path_start+1)*sizeof(WCHAR));
|
|
root[ptr-path_start+1] = 0;
|
|
|
|
type = GetDriveTypeW(root);
|
|
|
|
switch(type) {
|
|
case DRIVE_UNKNOWN:
|
|
case DRIVE_NO_ROOT_DIR:
|
|
break;
|
|
case DRIVE_REMOVABLE:
|
|
case DRIVE_FIXED:
|
|
case DRIVE_CDROM:
|
|
case DRIVE_RAMDISK:
|
|
*zone = URLZONE_LOCAL_MACHINE;
|
|
hres = S_OK;
|
|
break;
|
|
case DRIVE_REMOTE:
|
|
*zone = URLZONE_INTERNET;
|
|
hres = S_OK;
|
|
break;
|
|
default:
|
|
FIXME("unsupported drive type %d\n", type);
|
|
}
|
|
}
|
|
SysFreeString(path);
|
|
}
|
|
|
|
if(*zone == URLZONE_INVALID) {
|
|
hres = get_zone_from_domains(uri, zone);
|
|
if(hres == S_FALSE)
|
|
hres = get_zone_from_reg(scheme, zone);
|
|
}
|
|
|
|
SysFreeString(scheme);
|
|
return hres;
|
|
}
|
|
|
|
static HRESULT map_url_to_zone(LPCWSTR url, DWORD *zone, LPWSTR *ret_url)
|
|
{
|
|
IUri *secur_uri;
|
|
LPWSTR secur_url;
|
|
HRESULT hres;
|
|
|
|
*zone = URLZONE_INVALID;
|
|
|
|
hres = CoInternetGetSecurityUrl(url, &secur_url, PSU_SECURITY_URL_ONLY, 0);
|
|
if(hres != S_OK) {
|
|
DWORD size = lstrlenW(url)*sizeof(WCHAR);
|
|
|
|
secur_url = CoTaskMemAlloc(size);
|
|
if(!secur_url)
|
|
return E_OUTOFMEMORY;
|
|
|
|
memcpy(secur_url, url, size);
|
|
}
|
|
|
|
hres = CreateUri(secur_url, Uri_CREATE_ALLOW_IMPLICIT_FILE_SCHEME, 0, &secur_uri);
|
|
if(FAILED(hres)) {
|
|
CoTaskMemFree(secur_url);
|
|
return hres;
|
|
}
|
|
|
|
hres = map_security_uri_to_zone(secur_uri, zone);
|
|
IUri_Release(secur_uri);
|
|
|
|
if(FAILED(hres) || !ret_url)
|
|
CoTaskMemFree(secur_url);
|
|
else
|
|
*ret_url = secur_url;
|
|
|
|
return hres;
|
|
}
|
|
|
|
static HRESULT map_uri_to_zone(IUri *uri, DWORD *zone, IUri **ret_uri)
|
|
{
|
|
HRESULT hres;
|
|
IUri *secur_uri;
|
|
|
|
hres = CoInternetGetSecurityUrlEx(uri, &secur_uri, PSU_SECURITY_URL_ONLY, 0);
|
|
if(FAILED(hres))
|
|
return hres;
|
|
|
|
hres = map_security_uri_to_zone(secur_uri, zone);
|
|
if(FAILED(hres) || !ret_uri)
|
|
IUri_Release(secur_uri);
|
|
else
|
|
*ret_uri = secur_uri;
|
|
|
|
return hres;
|
|
}
|
|
|
|
static HRESULT open_zone_key(HKEY parent_key, DWORD zone, HKEY *hkey)
|
|
{
|
|
static const WCHAR wszFormat[] = {'%','s','%','u',0};
|
|
|
|
WCHAR key_name[ARRAY_SIZE(wszZonesKey) + 12];
|
|
DWORD res;
|
|
|
|
wsprintfW(key_name, wszFormat, wszZonesKey, zone);
|
|
|
|
res = RegOpenKeyW(parent_key, key_name, hkey);
|
|
|
|
if(res != ERROR_SUCCESS) {
|
|
WARN("RegOpenKey failed\n");
|
|
return E_INVALIDARG;
|
|
}
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
static HRESULT get_action_policy(DWORD zone, DWORD action, BYTE *policy, DWORD size, URLZONEREG zone_reg)
|
|
{
|
|
HKEY parent_key;
|
|
HKEY hkey;
|
|
LONG res;
|
|
HRESULT hres;
|
|
|
|
switch(action) {
|
|
case URLACTION_SCRIPT_OVERRIDE_SAFETY:
|
|
case URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY:
|
|
*(DWORD*)policy = URLPOLICY_DISALLOW;
|
|
return S_OK;
|
|
}
|
|
|
|
switch(zone_reg) {
|
|
case URLZONEREG_DEFAULT:
|
|
case URLZONEREG_HKCU:
|
|
parent_key = HKEY_CURRENT_USER;
|
|
break;
|
|
case URLZONEREG_HKLM:
|
|
parent_key = HKEY_LOCAL_MACHINE;
|
|
break;
|
|
default:
|
|
WARN("Unknown URLZONEREG: %d\n", zone_reg);
|
|
return E_FAIL;
|
|
};
|
|
|
|
hres = open_zone_key(parent_key, zone, &hkey);
|
|
if(SUCCEEDED(hres)) {
|
|
WCHAR action_str[16];
|
|
DWORD len = size;
|
|
|
|
static const WCHAR formatW[] = {'%','X',0};
|
|
|
|
wsprintfW(action_str, formatW, action);
|
|
|
|
res = RegQueryValueExW(hkey, action_str, NULL, NULL, policy, &len);
|
|
if(res == ERROR_MORE_DATA) {
|
|
hres = E_INVALIDARG;
|
|
}else if(res == ERROR_FILE_NOT_FOUND) {
|
|
hres = E_FAIL;
|
|
}else if(res != ERROR_SUCCESS) {
|
|
ERR("RegQueryValue failed: %d\n", res);
|
|
hres = E_UNEXPECTED;
|
|
}
|
|
|
|
RegCloseKey(hkey);
|
|
}
|
|
|
|
if(FAILED(hres) && zone_reg == URLZONEREG_DEFAULT)
|
|
return get_action_policy(zone, action, policy, size, URLZONEREG_HKLM);
|
|
|
|
return hres;
|
|
}
|
|
|
|
static HRESULT generate_security_id(IUri *uri, BYTE *secid, DWORD *secid_len, DWORD zone)
|
|
{
|
|
DWORD len;
|
|
HRESULT hres;
|
|
DWORD scheme_type;
|
|
|
|
if(zone == URLZONE_INVALID)
|
|
return E_INVALIDARG;
|
|
|
|
hres = IUri_GetScheme(uri, &scheme_type);
|
|
if(FAILED(hres))
|
|
return hres;
|
|
|
|
/* Windows handles opaque URLs differently then hierarchical ones. */
|
|
if(!is_hierarchical_scheme(scheme_type) && scheme_type != URL_SCHEME_WILDCARD) {
|
|
BSTR display_uri;
|
|
|
|
hres = IUri_GetDisplayUri(uri, &display_uri);
|
|
if(FAILED(hres))
|
|
return hres;
|
|
|
|
len = WideCharToMultiByte(CP_ACP, 0, display_uri, -1, NULL, 0, NULL, NULL)-1;
|
|
|
|
if(len+sizeof(DWORD) > *secid_len) {
|
|
SysFreeString(display_uri);
|
|
return E_NOT_SUFFICIENT_BUFFER;
|
|
}
|
|
|
|
WideCharToMultiByte(CP_ACP, 0, display_uri, -1, (LPSTR)secid, len, NULL, NULL);
|
|
SysFreeString(display_uri);
|
|
|
|
*(DWORD*)(secid+len) = zone;
|
|
} else {
|
|
BSTR host, scheme;
|
|
DWORD host_len, scheme_len;
|
|
BYTE *ptr;
|
|
|
|
hres = IUri_GetHost(uri, &host);
|
|
if(FAILED(hres))
|
|
return hres;
|
|
|
|
/* The host can't be empty for Wildcard URIs. */
|
|
if(scheme_type == URL_SCHEME_WILDCARD && !*host) {
|
|
SysFreeString(host);
|
|
return E_INVALIDARG;
|
|
}
|
|
|
|
hres = IUri_GetSchemeName(uri, &scheme);
|
|
if(FAILED(hres)) {
|
|
SysFreeString(host);
|
|
return hres;
|
|
}
|
|
|
|
host_len = WideCharToMultiByte(CP_ACP, 0, host, -1, NULL, 0, NULL, NULL)-1;
|
|
scheme_len = WideCharToMultiByte(CP_ACP, 0, scheme, -1, NULL, 0, NULL, NULL)-1;
|
|
|
|
len = host_len+scheme_len+sizeof(BYTE);
|
|
|
|
if(len+sizeof(DWORD) > *secid_len) {
|
|
SysFreeString(host);
|
|
SysFreeString(scheme);
|
|
return E_NOT_SUFFICIENT_BUFFER;
|
|
}
|
|
|
|
WideCharToMultiByte(CP_ACP, 0, scheme, -1, (LPSTR)secid, len, NULL, NULL);
|
|
SysFreeString(scheme);
|
|
|
|
ptr = secid+scheme_len;
|
|
*ptr++ = ':';
|
|
|
|
WideCharToMultiByte(CP_ACP, 0, host, -1, (LPSTR)ptr, host_len, NULL, NULL);
|
|
SysFreeString(host);
|
|
|
|
ptr += host_len;
|
|
|
|
*(DWORD*)ptr = zone;
|
|
}
|
|
|
|
*secid_len = len+sizeof(DWORD);
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
static HRESULT get_security_id_for_url(LPCWSTR url, BYTE *secid, DWORD *secid_len)
|
|
{
|
|
HRESULT hres;
|
|
DWORD zone = URLZONE_INVALID;
|
|
LPWSTR secur_url = NULL;
|
|
IUri *uri;
|
|
|
|
hres = map_url_to_zone(url, &zone, &secur_url);
|
|
if(FAILED(hres))
|
|
return hres == 0x80041001 ? E_INVALIDARG : hres;
|
|
|
|
hres = CreateUri(secur_url, Uri_CREATE_ALLOW_IMPLICIT_FILE_SCHEME, 0, &uri);
|
|
CoTaskMemFree(secur_url);
|
|
if(FAILED(hres))
|
|
return hres;
|
|
|
|
hres = generate_security_id(uri, secid, secid_len, zone);
|
|
IUri_Release(uri);
|
|
|
|
return hres;
|
|
}
|
|
|
|
static HRESULT get_security_id_for_uri(IUri *uri, BYTE *secid, DWORD *secid_len)
|
|
{
|
|